Description of Payatu AI/ML Security Audit
Testing AI/ML systems requires domain knowledge. At Payatu, our AI/ML domain experts have developed methods to help you secure your intelligent application against esoteric and potentially severe security and privacy threats.
ML Security assessment coverage
1) Understanding the Application
   a) Use case
   b) Product capabilities
   c) Implementations
2) Attack Surface Identification
   a) Understanding the ML pipeline
   b) Gathering existing test cases, if any
3) Threat Modeling
   a) Actors and entity boundaries
   b) Identification of possible attacks on exposed endpoints
   c) Possible attack vectors
4) Model Endpoints
   a) Understanding the ways in which end users communicate with the model
   b) Simulating end-user interaction
5) Adversarial Learning Attack
   a) Crafting inputs that bypass or fool classifiers
   b) Using custom-built tools
   c) Automated generation of as many zero-day samples as possible (in theory, an unlimited number)
6) Model Stealing Attack
   a) Model deployed locally or remotely
   b) Reverse engineering the deployed application
   c) Custom-built scripts for black-box model stealing attacks
7) Model Skewing and Data Poisoning Attack
   a) Simulating feedback loops that attackers could abuse
   b) Quantifying the skewness of the model
8) Model Inversion and Inference
   a) Gaining access to the model via valid or compromised communication channels
   b) Inferring sensitive samples of the training dataset from the model
9) Framework/Network/Application Assessment
   a) Identifying traditional vulnerabilities in the application
   b) Leveraging them for the attacks above
10) Reporting and Mitigation
   a) Comprehensive mitigation proposal
   b) Working with developers/SMEs on implementation